<?php
$file = $argv[1];
$content = file_get_contents($file);
$preg_split = preg_split('/unset\(\$\w+\);/ims', $content);
$topbin = $preg_split[0];
file_put_contents('topbin.php', $topbin);
include('topbin.php');
$content = $preg_split[1];

$pattern = '/call_user_func\("\\\x70\\\x61\\\x63\\\x6b",\s?\$GLOBALS\[.*?\]\[.*?\],\s?\$GLOBALS\[.*?\]\[.*?\]\)/i';
$content = str_decode($pattern, $content);

$content = str_decode('/(\$GLOBALS\[.*?])\[.*?\]/i', $content);

$content = str_decode("/pack\('H\*',\s?'.*?'\)/i", $content);

$pathinfo = pathinfo($file);
$file = $pathinfo['filename'] . '.decode.' . $pathinfo['extension'];
$content = '<?php' . PHP_EOL . $content;
file_put_contents($file, $content);





function halt($content)
{
	var_dump($content);
	exit;
}

function str_decode($pattern, $content)
{
	preg_match_all($pattern, $content, $matches);
	foreach ($matches[0] as $key => $value) {
		$rand = rand() . '.php';
		$code = "<?php \$str = $value;";
		file_put_contents($rand, $code);
		require $rand;
		unlink($rand);
		$str = '\'' . str_replace("'", "\'", $str) . '\'';
		$str = str_replace("\\\\'", "\'", $str);
		$content = str_replace($value, $str, $content);
	}
	return $content;
}
